Respect DNT when tracking experiments
What does this MR do?
This was brought up by @dreedy in a Slack discussion (internal).
We already respected DNT when deciding if the user is part of the experiment or not with 53c94d92. However, we still tracked snowplow events and added users with DNT in the control group.
FYI for transparency around privacy:
- The snowplow events don't have any user information in there.
- We used the snowplow events to count the amount of users going through either control or experiment group
- We have not personalised the experience for users who have DNT enabled (they got excluded from experiments with 53c94d92)
All that being said, Do not track, should still not track anything. It also gives us wrong data, since the control could be larger than the experiment group.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Edited by Nicolas Dular